﻿<!-- #include file="../Include/Admin_Onlogin.asp" -->
<%
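' Page-level permission gate for the "execute SQL" admin tool.
' Looks up the Admin_Auth row registered for this page (href='Admin/Admin_Sql.asp')
' and passes its AuthID to CheckPurview. Exec and CheckPurview are defined outside
' this file (presumably via the Admin_Onlogin.asp include - confirm).
Dim sqlAuth, rsAuth, PurviewID
sqlAuth = "Select AuthID From Admin_Auth Where href='Admin/Admin_Sql.asp' Order By sort Asc,AuthID Asc"
Call Exec(rsAuth,sqlAuth,2)
If rsAuth.BOF And rsAuth.EOF Then
	' No permission node is registered for this page.
	PurviewID = 0
Else
	PurviewID = rsAuth(0)
End If
' Run the permission check on both paths. Previously the check was skipped
' entirely when the lookup returned no row, so a missing or deleted Admin_Auth
' entry left this page without any CheckPurview call. The "Chk" branch further
' down already calls CheckPurview 0,0 in the same situation; this matches it.
' NOTE(review): what CheckPurview does for id 0 is not visible here - confirm it
' denies (or restricts to the top-level administrator) rather than allowing.
CheckPurview PurviewID,0
rsAuth.Close
Set rsAuth = Nothing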
' Emit the document head: meta tags, stylesheets and the admin/dialog scripts.
With Response
	.Write "<!DOCTYPE html>" & vbCrLf
	.Write "<head>" & vbCrLf
	.Write "<title>执行SQL</title>" & vbCrLf
	.Write "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>" & vbCrLf
	.Write "<meta name='viewport' content='width=device-width, initial-scale=1, maximum-scale=1'>" & vbCrLf
	.Write "<meta name='apple-mobile-web-app-status-bar-style' content='black'>" & vbCrLf
	.Write "<meta name='apple-mobile-web-app-capable' content='yes'>" & vbCrLf
	.Write "<meta name='format-detection' content='telephone=no'>" & vbCrLf
	.Write "<link rel=""stylesheet"" type=""text/css"" href=""../fonts/font-awesome/css/font-awesome.min.css"" />" & vbCrLf
	.Write "<link href='../Plugins/layui/css/layui.css' rel='stylesheet' type='text/css' />" & vbCrLf
	.Write "<link rel=""stylesheet"" href=""../Style/global.css"" media=""all"">" & vbCrLf
	.Write "<link rel=""stylesheet"" href=""../Style/font.css"" media=""all"">" & vbCrLf
	.Write "<script type='text/javascript'>" & vbCrLf
	' InstallDir and AdminFolder are defined outside this file and are placed
	' inside single-quoted JavaScript string literals without escaping.
	' NOTE(review): presumably site configuration values - confirm they can never
	' contain a quote, backslash or "</script>".
	.Write "var pc_file = '" & InstallDir & "';" & vbCrLf
	.Write "var admin_file = '" & AdminFolder & "/';" & vbCrLf
	.Write "</script>" & vbCrLf
	.Write "<script type='text/javascript' src='../Js/Admin.js'></script>" & vbCrLf
	.Write "<script type='text/javascript' src='../../Dialog/main.js'></script>" & vbCrLf
	.Write "<script type='text/javascript' src='../../Dialog/lhgcore.min.js'></script>" & vbCrLf
	.Write "<script type='text/javascript' src='../../Dialog/lhgcalendar.min.js'></script>" & vbCrLf
	.Write "</head>" & vbCrLf
	.Write "<body>" & vbCrLf
End With

' Request dispatcher. Action is defined outside this file.
'   "Chk"  -> enforce the 'Sql/Update' sub-permission, then execute the submitted SQL.
'   other  -> render the input form.
Select Case Action
Case "Chk"
	' Second permission check, specific to running statements: the child node of
	' this page's permission entry whose href is 'Sql/Update'. PurviewID comes
	' from the lookup at the top of the file (an AuthID or 0), not from the request.
	' NOTE(review): no anti-CSRF token or request-method check for this
	' state-changing action is visible in this file - confirm one is enforced
	' elsewhere (e.g. in the login include).
	sqlAuth = "Select AuthID From Admin_Auth Where pid="&PurviewID&" And href='Sql/Update' Order By sort Asc,AuthID Asc"
	Call Exec(rsAuth,sqlAuth,2)
	If Not (rsAuth.BOF And rsAuth.EOF) Then
		CheckPurview rsAuth(0),0
	Else
		' No sub-permission row found: CheckPurview is still called, with id 0.
		CheckPurview 0,0
	End If
	rsAuth.Close
	Set rsAuth = Nothing
	Chk
Case Else
	Main
End Select
' FoundErr / ErrMsg / ComeUrl are defined outside this file.
If FoundErr = True Then Call WriteErrMsg(ErrMsg, ComeUrl)
Response.Write "</body>" & vbCrLf & "</html>"
CloseConn

' Renders the SQL input form: usage notes plus a textarea named "sqls".
' The form posts to ?Action=Chk. Only the textarea and two buttons are emitted;
' no hidden token field is part of this form.
Sub Main()
	With Response
		.Write "<div class=""admin-main layui-anim layui-anim-upbit"">" & vbCrLf
		.Write "<div class=""layui-row layui-col-space10"">" & vbCrLf
		.Write "    <blockquote class=""layui-elem-quote title"">执行SQL</blockquote>" & vbCrLf
		.Write "<table class=""layui-table magt0"">" & vbCrLf
		.Write "<form action='?Action=Chk' method='post'>" & vbCrLf
		' Row 1: usage instructions shown to the administrator.
		.Write "  <tr>" & vbCrLf
		.Write "    <td width='20%'>输入说明：</td>" & vbCrLf
		.Write "    <td width='80%'>多句执行SQL语句时请以换行的行式每行输入一条执行SQL语句" & vbCrLf
		.Write "      <ul type=1 style=""line-height:200%;"">" & vbCrLf
		.Write "        <li>本操作仅限高级、对SQL编程比较熟悉的用户！" & vbCrLf
		.Write "        <li>您可以直接输入SQL执行语句，比如〖 select * from art 〗查询友情链接信息。" & vbCrLf
		.Write "        <li>数据记录筛选：select * from 数据表 [ where 字段名=字段值 order by 字段名 ]" & vbCrLf
		.Write "        <li>更新数据记录：update 数据表 set 字段名1=字段值1,……字段名n=字段值n [where 条件表达式]" & vbCrLf
		.Write "        <li>删除数据记录：delete from 数据表 [where 条件表达式]" & vbCrLf
		.Write "        <li>添加数据记录：insert into 数据表 (字段1，字段2，字段3……) values (值1，值2，值3……)" & vbCrLf
		.Write "        <li>删除数据库表格：drop table 命令删除某个表格以及该表格中的所有记录" & vbCrLf
		.Write "        <li>添加数据库表格：create table 命令添加某个表格以及该表格中的所有记录" & vbCrLf
		.Write "      </ul></td>" & vbCrLf
		.Write "  </tr>" & vbCrLf
		' Row 2: the statements to run, one per line.
		.Write "  <tr>" & vbCrLf
		.Write "    <td>执行SQL语句：</td>" & vbCrLf
		.Write "    <td><textarea name=""sqls"" rows=""6"" cols=""65"" class=""layui-textarea""></textarea></td>" & vbCrLf
		.Write "  </tr>" & vbCrLf
		' Row 3: submit / reset buttons.
		.Write "  <tr>" & vbCrLf
		.Write "    <td height=""30""></td>" & vbCrLf
		.Write "    <td><button type=""submit"" class=""layui-btn"" hidefocus=""true"" accesskey=""s"">提交执行[S]</button>&nbsp;<button type=""reset"" class=""layui-btn layui-btn-normal"" hidefocus=""true"" accesskey=""r"">重新填写[R]</button></td>" & vbCrLf
		.Write "  </tr>" & vbCrLf
		.Write "</form>" & vbCrLf
		.Write "</table>" & vbCrLf
		.Write "</div>" & vbCrLf
		.Write "</div>" & vbCrLf
	End With
End Sub

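' Executes the statements submitted in the "sqls" form field, one per line,
' and renders a per-statement success/failure table.
'
' This runs administrator-supplied SQL verbatim by design; the only gates are
' the CheckPurview calls made before this Sub is invoked and whatever the login
' include enforces. Nothing in this Sub records who ran which statement.
'
' Changes from the previous version:
'   - the statement text is HTML-encoded before being echoed into the result
'     table (it was written raw, so markup in the submitted text was rendered);
'   - error suppression is switched off again after the execution loop, so
'     failures while rendering are no longer silently swallowed.
Sub Chk()
	Dim sqls,dim_sql,dim_tmp,snum,i
	' Code_Admin is defined outside this file; NOTE(review): what filtering it
	' applies to the posted value is not visible here.
	sqls=Code_Admin("sqls",1,0)
	' Double quotes are rewritten to single quotes before execution.
	sqls=Replace(sqls,"""","'")
	If sqls="" Then
		Call WriteErrMsg("请至少输入一句执行SQL语句！",ComeUrl)
		Exit Sub
	End If
	' One statement per CRLF-terminated line. A blank line becomes an empty
	' statement and is still passed to Exec.
	dim_sql=Split(sqls,vbCrLf)
	snum=UBound(dim_sql)
	' dim_tmp(0,i) = statement text, dim_tmp(1,i) = 1 on success / 0 on failure.
	ReDim dim_tmp(1,snum+1)
	' Keep going after a failing statement so every line gets a result.
	On Error Resume Next
	For i=0 To snum
		Call Exec("",dim_sql(i),0)
		dim_tmp(0,i)=dim_sql(i)
		If Err.Number <> 0 Then
			dim_tmp(1,i)=0
			Err.Clear
		Else
			dim_tmp(1,i)=1
		End If
	Next
	' Restore normal error handling (this also clears any pending Err).
	On Error GoTo 0
	Response.Write "<div class=""admin-main layui-anim layui-anim-upbit"">" & vbCrLf
	Response.Write "<div class=""table-responsive"">" & vbCrLf
	Response.Write "<table class=""layui-table table-hover"">" & vbCrLf
	Response.Write "  <tr class=""title"">" & vbCrLf
	Response.Write "    <td align=""center""><b>执行SQL</b></td>" & vbCrLf
	Response.Write "  </tr>" & vbCrLf
	Response.Write "  <tr>" & vbCrLf
	Response.Write "    <td align=""center""><table class=""layui-table table-hover"">" & vbCrLf
	Response.Write "      <tr>" & vbCrLf
	Response.Write "        <td colspan='3'>您共输入<font class=red>" & snum+1 & "</font>条执行SQL语句，执行情况如下：</td>" & vbCrLf
	Response.Write "      </tr>" & vbCrLf
	For i=0 To snum
		Response.Write "      <tr>"
		Response.Write "        <td width='5%'>" & i+1 & "、</td>" & vbCrLf
		Response.Write "        <td width='5%'>" & vbCrLf
		If dim_tmp(1,i)=1 Then
			Response.Write "<font class='blue'>成功</font>"
		Else
			Response.Write "<font class='red'>失败</font>"
		End If
		Response.Write "        </td>" & vbCrLf
		' Encode at the point of output: the statement is request data and must
		' be shown as text, never interpreted as markup.
		Response.Write "        <td width='90%'>" & Server.HTMLEncode(dim_tmp(0,i)) & "</td>" & vbCrLf
		Response.Write "      </tr>" & vbCrLf
	Next
	Response.Write "      <tr>" & vbCrLf
	Response.Write "        <td colspan=""3""><button type=""button"" class=""layui-btn"" hidefocus=""true"" onClick=""javascript:history.back();"" accesskey=""b"">返回上一页[B]</button></td>" & vbCrLf
	Response.Write "      </tr>" & vbCrLf
	Response.Write "    </table></td>" & vbCrLf
	Response.Write "</tr>" & vbCrLf
	Response.Write "</table>" & vbCrLf
	Response.Write "</div>" & vbCrLf
	Response.Write "</div>" & vbCrLf
	Erase dim_sql
	Erase dim_tmp
End Sub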
%>